List Charter and FAQ at:-----Original Message-----
From: Szalkiewicz, Toni [mailto:[EMAIL PROTECTED]]
Sent: 17 July 2002 16:08
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!This resource is not for showing off, please keep the comments relevant to the issues and do not "pad-out" the thread by trying to be clever !Thank you for your corporation in this matterMS-Exchange Admin Staff-----Original Message-----
From: Abercrombie, Sherry [mailto:[EMAIL PROTECTED]]
Sent: 17 July 2002 16:03
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!I'm always thinking of others so, here's a little reason for you to wear your sunglasses ;)Sherry Abercrombie - FQ
Data Center Administration Team
Information Technology
"With sufficient thrust, pigs fly just fine."-----Original Message-----
From: Eldridge, Dave [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 9:43 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!List Charter and FAQ at:Now I don't have an excuse to wear my sunglasses when I read my email.List Charter and FAQ at:-----Original Message-----
From: Abercrombie, Sherry [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 8:43 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!:) I even changed the colors....I didn't want to continue to blind others......;)
Sherry Abercrombie - FQ
Data Center Administration Team
Information Technology "With sufficient thrust, pigs fly just fine."List Charter and FAQ at:-----Original Message-----
From: Eldridge, Dave [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 9:17 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!LOL!!! great foof.List Charter and FAQ at:-----Original Message-----
From: Abercrombie, Sherry [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 8:04 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!Okay, I'll have to accept the label of "Foof Queen". Well at least I have some "official" letters to put behind my name now.......
Sherry Abercrombie - FQ
Data Center Administration Team
Information Technology
"With sufficient thrust, pigs fly just fine."-----Original Message-----
From: Jeremiah Watson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 10:54 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!
That is Insolence. We have all come to respect each other and abuse is part of that. Ask the Foof Queen from yesterday. ;-)
-----Original Message-----
From: Tom Meunier [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 11:51 AM
To: MS-Exchange Admin Issues
Subject: RE: Exchange 5.5 server HACKED!
Why would I do that? I'd like you to use your knowledge to assist new users, rather than call them trolls or put in a cryptic message about "it's been two weeks". I don't care whether you're happy or sad about it. I'm new here, and I didn't know that part of the list charter was to denigrate less-experienced admins rather than answer their question.
> -----Original Message-----
> From: Matthew Carpenter [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 16, 2002 10:46 AM
> To: MS-Exchange Admin Issues
> Subject: Re: Exchange 5.5 server HACKED!
>
>
> That is not nice Don.
>
> If he is trying to make me feel bad....he failed.
>
> ----- Original Message -----
> From: "Ely, Don" <[EMAIL PROTECTED]>
> To: "MS-Exchange Admin Issues"
> <[EMAIL PROTECTED]>
> Sent: Tuesday, July 16, 2002 10:21 AM
> Subject: RE: Exchange 5.5 server HACKED!
>
>
> Figures!
>
> -----Original Message-----
> From: Matthew Carpenter [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 16, 2002 11:22 AM
> To: MS-Exchange Admin Issues
> Subject: Re: Exchange 5.5 server HACKED!
>
>
> Sorry, I don't get it
>
> ----- Original Message -----
> From: "Tom Meunier" <[EMAIL PROTECTED]>
> To: "MS-Exchange Admin Issues"
> <[EMAIL PROTECTED]>
> Sent: Tuesday, July 16, 2002 10:11 AM
> Subject: RE: Exchange 5.5 server HACKED!
>
>
> This is a FAQ, and I'm afraid to post the link for fear that
> Matthew will flame me, and then say "How about [repost of the
> FAQ link that I had just posted]?".
>
> I'll look at your logs, since that's NOT a FAQ.
>
> > -----Original Message-----
> > From: Dan Schwartz [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 16, 2002 09:55 AM
> > To: MS-Exchange Admin Issues
> > Subject: RE: Exchange 5.5 server HACKED!
> >
> >
> >
> > OK, does anyone have a list of the ports Exchange 5.5
> > uses, besides 25 & 110?
> >
> > Also, if anyone wants to look at the Event Logs, simply click on:
> > <http://www.rogue-admins.com/dansworld/Exchange_Attack_App_Eve
> > ntlog.zip>
> > [This is a new link & new file from the one previously
> posted by me.]
> >
> > Cheers!
> > Dan
> >
> > "There are two major products that come out of Berkeley:
> LSD and UNIX.
> > We don't believe this to be a coincidence." (Jeremy S. Anderson)
> >
> > >-----Original Message-----
> > >From: Ely, Don [mailto:[EMAIL PROTECTED]]
> > >Sent: Tuesday, July 16, 2002 9:36 AM
> > >Subject: RE: Exchange 5.5 server HACKED!
> > >
> > >
> > >Uhhhh... Telneting to the server alone does NOT mean the
> > server is an
> > >open relay... I can telnet port 25 to any server in the
> world, that
> > >doesn't mean I can relay mail...
> > >
> > >-----Original Message-----
> > >From: Joe Irvine [mailto:[EMAIL PROTECTED]]
> > >Sent: Tuesday, July 16, 2002 9:38 AM
> > >Subject: RE: Exchange 5.5 server HACKED!
> > >
> > >
> > >Actually, no.. if you can telnet to the mail server you can
> > relay. No
> > >hacking needed. This is by the very nature of exchange. I would
> > >recommend looking at not allowing characters like %$! Through your
> > >firewall. Here's a link to check to see if you have an open relay..
> > >
> > >http://www.abuse.net/relay.html
> > >
> > >
> > >
> > >Thanks,
> > >
> > >Joe Irvine
> > > -----Original Message-----
> > >From: Dan Schwartz [mailto:[EMAIL PROTECTED]]
> > >Sent: Tuesday, July 16, 2002 9:30 AM
> > >To: MS-Exchange Admin Issues
> > >Subject: RE: Exchange 5.5 server HACKED!
> > >Importance: Low
> > >
> > >
> > > Look at the 4031 error messages, which indicate SOMEONE
> > is trying to
> > >relay through the server, and since unauthorized relaying is
> > prohibited
> > >that tells me someone has hacked in.
> > >
> > >>-----Original Message-----
> > >>From: William Lefkovics [mailto:[EMAIL PROTECTED]]
> > >>Sent: Tuesday, July 16, 2002 1:03 AM
> > >>To: MS-Exchange Admin Issues
> > >>Subject: RE: Exchange 5.5 server HACKED!
> > >>
> > >>
> > >>Then it's sorta in production then, yes?
> > >>
> > >>Was there a concern other than the 4318's?
> > >>
> > >>-----Original Message-----
> > >>From: Dan Schwartz [mailto:[EMAIL PROTECTED]]
> > >>Sent: Monday, July 15, 2002 9:55 PM
> > >>Subject: RE: Exchange 5.5 server HACKED!
> > >>
> > >>
> > >>
> > >> Yes, it's connected, and the DNS servers have been
> > pointed at it for
> > >about a week...
> > >>
> >
> > ---
> > This attachment has been scanned for hostile code:
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.377 / Virus Database: 211 - Release Date: 7/15/2002
> >
> >
> > List Charter and FAQ at:
> > http://www.sunbelt-> software.com/exchange_list_charter.htm
> >
> >
>
> List Charter and FAQ at:
> http://www.sunbelt-> software.com/exchange_list_charter.htm
>
>
>
>
> List Charter and
> FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
>
> List Charter and FAQ at:
> http://www.sunbelt-> software.com/exchange_list_charter.htm
>
>
>
>
> List Charter and
> FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
>
>List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htmList Charter and FAQ at:
*************************************************************************************************************************************************************************************************************************
This is an email from the ICM Computer Group of Companies and is confidential. If you are not the intended recipient you must not disclose or use the information but please delete the email as soon as possible.
If you have received this email in error please notify our mail manager at [EMAIL PROTECTED] Note that this is NOT the address of the person who sent this mail to you but a general administrative address. If you wish to reply to the sender of this message, use the "Reply" function built into your email software.
Any views in the email are those of the sender only and not those of the ICM Computer Group of Companies. This email is not intended to be contractually binding.
As part of conducting its business, ICM may monitor and record emails and their contents passing through their network under the Telecommunications (Lawful Business Practices)and(Interception of Communications) Regulations 2000.
Although we have checked this e-mail for viruses, it is not guaranteed to be virus free and it is your responsibility to scan the message and attachments prior to opening them. We do not accept any responsibility for the consequences of passing on any virus.
For further information please visit the ICM Computer Group plc website at
Version 1.4 2002 ICM Computer Group plc
*************************************************************************************************************************************************************************************************************************
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
